Merge branch 'api-v1' of https://github.com/nbitzz/monofile into api-v1

2024-11-22 05:46:26 -08:00 · 2023-10-05 20:08:42 +01:00 · 2023-10-05 20:08:42 +01:00 · 48e00b1b54
parent 01bb4684a3 9e83d751bd
commit 48e00b1b54
2 changed files with 31 additions and 49 deletions
--- a/src/server/routes/api/v1/account.ts
+++ b/src/server/routes/api/v1/account.ts
@ -20,11 +20,11 @@ const parser = bodyParser.json({
 const router = Router()
-router.use(getAccount)
+router.use(getAccount, parser)
 module.exports = function(files: Files) {
-    router.post("/login",
+    router.post(
-        parser,
+        "/login",
        (req, res) => {
            if (typeof req.body.username != "string" || typeof req.body.password != "string") {
                ServeError(res, 400, "please provide a username or password")
@ -54,8 +54,8 @@ module.exports = function(files: Files) {
        }
    )
-    router.post("/create",
+    router.post(
-        parser,
+        "/create",
        (req, res) => {
            if (!Configuration.accounts.registrationEnabled) {
                ServeError(res , 403, "account registration disabled")
@ -110,7 +110,8 @@ module.exports = function(files: Files) {
        }
    )
-    router.post("/logout",
+    router.post(
        "/logout",
        (req, res) => {
            if (!Authentication.validate(req.cookies.auth)) {
                ServeError(res, 401, "not logged in")
@ -122,10 +123,9 @@ module.exports = function(files: Files) {
        }
    )
-    router.put("/dfv",
+    router.put(
-        requiresAccount,
+        "/dfv",
-        requiresPermissions("manage"),
+        requiresAccount, requiresPermissions("manage"),
        parser,
        (req, res) => {
            const Account = res.locals.acc as Accounts.Account
--- a/src/server/routes/api/v1/customization.ts
+++ b/src/server/routes/api/v1/customization.ts
@ -8,6 +8,7 @@ import bodyParser from "body-parser";
 import Files, { id_check_regex } from "../../../lib/files";
 import * as Accounts from '../../../lib/accounts'
 import { getAccount, requiresAccount, requiresPermissions } from "../../../lib/middleware";
 import ServeError from "../../../lib/errors";
 const Configuration = require(`${process.cwd()}/config.json`)
@ -17,14 +18,13 @@ const parser = bodyParser.json({
 const router = Router()
-router.use(getAccount)
+router.use(getAccount, parser)
 module.exports = function(files: Files) {
-    router.put("/css",
+    router.put(
-        requiresAccount,
+        "/css",
-        requiresPermissions("customize"),
+        requiresAccount, requiresPermissions("customize"),
-        parser,
+        async (req, res) => {
        (req, res) => {
            const Account = res.locals.acc as Accounts.Account
            if (typeof req.body.fileId != "string") req.body.fileId = undefined;
@ -37,16 +37,9 @@ module.exports = function(files: Files) {
            ) {
                Account.customCSS = req.body.fileId || undefined
-                if (!req.body.fileId) delete Account.customCSS;
+                await Accounts.save()
                Accounts.save()
                res.send("custom css saved")
-            } else {
+            } else ServeError(res, 400, "invalid fileId")
                res.status(400)
                res.send("invalid fileid")
            }
        }
    )
@ -61,10 +54,8 @@ module.exports = function(files: Files) {
    )
    router.put("/embed/color",
-        requiresAccount,
+        requiresAccount, requiresPermissions("customize"),
-        requiresPermissions("customize"),
+        async (req, res) => {
        parser,
        (req, res) => {
            const Account = res.locals.acc as Accounts.Account
            if (typeof req.body.color != "string") req.body.color = undefined;
@ -74,40 +65,31 @@ module.exports = function(files: Files) {
                || (req.body.color.toLowerCase().match(/[a-f0-9]+/) == req.body.color.toLowerCase())
                && req.body.color.length == 6
            ) {
                if (!Account.embed) Account.embed = {};
                if (!Account.embed) Account.embed = {};
                Account.embed.color = req.body.color || undefined
-                if (!req.body.color) delete Account.embed.color;
+                await Accounts.save()
                Accounts.save()
                res.send("custom embed color saved")
            } else {
                res.status(400)
-                res.send("invalid hex code")
+            } else ServeError(res,400,"invalid hex code")
            }
        }
    )
    router.put("/embed/size",
-        requiresAccount,
+        requiresAccount, requiresPermissions("customize"),
-        requiresPermissions("customize"),
+        async (req, res) => {
        parser,
        (req, res) => {
            const Account = res.locals.acc as Accounts.Account
-            if (typeof req.body.largeImage != "boolean") req.body.color = false;
+            if (typeof req.body.largeImage != "boolean") {
                ServeError(res, 400, "largeImage must be bool");
                return
            }
            if (!Account.embed) Account.embed = {};
            Account.embed.largeImage = req.body.largeImage
-            if (!req.body.largeImage) delete Account.embed.largeImage;
+            await Accounts.save()
            Accounts.save()
            res.send(`custom embed image size saved`)
        }
    )